DESCRIPTION

This function is obsolete.
Do not use it.

The
getpass()
function opens
/dev/tty
(the controlling terminal of the process), outputs the string
prompt,
turns off echoing, reads one line (the "password"),
restores the terminal state and closes
/dev/tty
again.

RETURN VALUE

The function
getpass()
returns a pointer to a static buffer containing (the first
PASS_MAX
bytes of) the password without the trailing
newline, terminated by a null byte ('\0').
This buffer may be overwritten by a following call.
On error, the terminal state is restored,
errno
is set appropriately, and NULL is returned.

ERRORS

The function may fail if

ENXIO

The process does not have a controlling terminal.

FILES

/dev/tty

CONFORMING TO

Present in SUSv2, but marked LEGACY.
Removed in POSIX.1-2001.

NOTES

For libc4 and libc5, the prompt is not written to
/dev/tty
but to
stderr.
Moreover, if
/dev/tty
cannot be opened, the password is read from
stdin.
The static buffer has length 128 so that only the first 127
bytes of the password are returned.
While reading the password, signal generation
(SIGINT,
SIGQUIT,
SIGSTOP,
SIGTSTP)
is disabled and the corresponding characters
(usually control-C, control-\, control-Z and control-Y)
are transmitted as part of the password.
Since libc 5.4.19 also line editing is disabled, so that also
backspace and the like will be seen as part of the password.

For glibc2, if
/dev/tty
cannot be opened, the prompt is written to
stderr
and the password is read from
stdin.
There is no limit on the length of the password.
Line editing is not disabled.

According to the SUSv2, the value of
PASS_MAX
must be defined in
<limits.h>
in case it is smaller than 8, and can in any case be obtained using
sysconf(_SC_PASS_MAX).
However, POSIX.2 withdraws the constants
PASS_MAX
and
_SC_PASS_MAX,
and the function
getpass().
Libc4 and libc5 have never supported
PASS_MAX
or
_SC_PASS_MAX.
Glibc2 accepts
_SC_PASS_MAX
and returns
BUFSIZ
(e.g., 8192).

BUGS

The calling process should zero the password as soon as possible to avoid
leaving the cleartext password visible in the process's address space.